Thursday, November 19, 2009

What have you got to hide? Probably a lot

What have you got to hide? The answer may shock you: If you’re like most Americans, you have far more than you realize that you need to be hiding, and not doing so may be putting you and your family in grave danger.

In his new book, Three Felonies a Day, attorney Harvey Silverglate holds that the typical American professional commits an average of three federal crimes a day, just going about their daily business, without even realizing it. And the only thing keeping them out of prison — make that keeping you out of prison — is the fact that federal prosecutors haven’t looked at you yet. “No social class or profession is safe from this troubling form of social control by the executive branch,” reads a statement on the book’s Web site, “and nothing less than the integrity of our constitutional democracy hangs in the balance.”

While Three Felonies a Day illustrates the problem quite well, today I want to talk about solutions. Likely you have never thought you needed to protect yourself from the government. But you probably weren’t aware that so many federal laws are “impossibly broad and vague” that you were a “criminal” several times over today, just for going to work, picking up your kids, and eating dinner. Moreover, the concept of criminal intent has been largely removed from the law, so you can be imprisoned even if you had no idea what you were doing was against the law.

Under the English common law we inherited, a crime requires intent. This protection is disappearing in the U.S. As Mr. Silverglate writes, “Since the New Deal era, Congress has delegated to various administrative agencies the task of writing the regulations,” even as “Congress has demonstrated a growing dysfunction in crafting legislation that can in fact be understood.” Prosecutors identify defendants to go after instead of finding a law that was broken and figuring out who did it. Expect more such prosecutions as Washington adds regulations. — Wall Street Journal

One of the most powerful solutions against the sorts of miscarriages of justice that land people like you in prison is privacy. Privacy makes it much harder for an overzealous prosecutor to spin your perfectly innocent activities into “crimes.” Not to mention it also provides protection against the more mundane threats of identity thieves, psychotic ex-spouses, and so on.

A few people figured out long ago that the federal government wasn’t actually here to help, and one of them, “Boston T. Party,” (a pen name) in 1996 wrote Bulletproof Privacy, now out of print. The thin volume, most of which is now quite dated, provided a how-to manual with practical solutions for increasing your personal privacy. Boston has since rewritten and expanded it, and the new book, One Nation, Under Surveillance, is three times the size, and has at least three times the practical solutions for protecting yourself.

(I met Boston at this year’s New Hampshire Liberty Forum where he spoke on gun rights in the U.S. after the D.C. v. Heller case. He graciously sent me a signed copy of One Nation, Under Surveillance for free. Unfortunately it got buried under a huge stack of papers on my desk for several months and I only recently found it again.)

Privacy is an insurance policy against oppression. Privacy allows a tyrannized citizenry to think independently, freely, and clearly. (Imagine if book stores were regulated as gun stores!) To speak out, network, and organize against unruly government — all of this in perfect accord with your natural rights, and in tradition with our American history and Constitution. We did not form the servile institution of government for the goal of limitless obedience to that servant. Neither did the States federate themselves under the Constitution for the utter dissolution of their own autonomy and prerogatives. . . .

A government which knows everything about its people is an unassailable government, for the people can no longer safely congregate nor precipitate. In an Orwellian state in which all your communications

, transactions, and associations are monitored/approved, from whence comes any possible readjustment — much less a successful revolution from it? . . .

When privacy goes, the people have in a sense “thrown away the key” to their shackles. Think of your decreasing privacy as being measured for a tailored straightjacket.

What do you have to hide? Today, perhaps nothing. Next year, maybe a lot depending on new information and revised priorities. Privacy is a comprehensive insurance policy. Keep up the premiums, even if you’re not quite sure why.

I’m not going to share much of the how-to with you. That’s in the book, which you should buy. Now. Or even months ago, and I’m sorry this thing sat under a bunch of junk on my desk for so long. I learned quite a few things I never knew, and refreshed myself on those I did. The thing about many of the privacy techniques shown in the book is that in order to protect your privacy most effectively, they have to be in place already before you are threatened.

That means you — no matter how innocent you think you are — need to protect yourself.

Virtually everything imaginable is covered, most in great detail. A few topics were not covered in detail, such as creating alternate identities, or trusts and financial instruments, since the information tends to go out of date rapidly, or would require their own books, or might be illegal to even talk about (in the supposed land of the free). So it is not a complete how-to, but it is nearly complete.

Most of the expanded content in this book deals with online privacy. This was hardly an issue in 1996 when Bulletproof Privacy was published and almost nobody had even heard of the Internet; today virtually everyone is online and too few people on the Internet do much of anything to protect their privacy. Consider the fugitive who fled to Mexico and then updated his status on Facebook. “People just don’t think through the privacy implications of putting their information on the Internet,” security expert Bruce Schneier wrote Monday. “Facebook is how we interact with friends, and we think of it in the frame of interacting with friends. We don’t think that our employers might be looking — they’re not our friends! — that the information will be around forever, or that it might be abused. Privacy isn’t salient; chatting with friends is.”

The sections dealing with securing your computer and being private online are valuable content and the book is worth buying for this alone; Boston covered pretty much everything, from e-mail to cookies to malware to encryption to government raids. I did spot a few technical errors, but nothing that invalidated the techniques presented.

I do have a few minor nits to pick, though. The first is that I don’t feel enough attention was given to risk assessment. Any security expert will tell you that knowing what risks you face, how likely they are to occur, and how disruptive they would be if they occurred, is critical information in determining what you need to do to protect yourself. Boston assumes that his readers want as much privacy as possible, almost without regard to cost or inconvenience. I would have liked to see more treatment of specific risks and how particular techniques mitigate those risks, as well as how to assess risk generally. This, I think, would make the book more accessible and more useful to a wider audience.

Second, I will have to share one of Boston’s techniques. He recommends using Puppy Linux, a stripped down operating system distribution which can run from a CD or USB stick, instead of having your operating system installed on your hard drive. Puppy Linux can also encrypt your data and save it back to the same USB stick, which he recommends. This is probably workable for some people, and is practically necessary when using a public computer (since they can’t be trusted) but other people will be entirely unable to do this, myself included. His advice to never, ever use Windows for anything is sound, of course. But I do many things which pretty much require an installed operating system, such as video editing. For people who can’t live off a USB stick, I would recommend you install Ubuntu or Fedora, both of which are much more full-featured and also offer simple full-disk encryption for your hard drive which is stronger than that provided in Puppy Linux. (I helped test the full-disk encryption feature in Fedora and contributed a few small bits of code to it.)

Finally, with the rapid changes in technology, and the relentless encroachment of government into every aspect of people’s lives, doubtless much of the information in One Nation, Under Surveillance will be out of date, useless, or even potentially dangerous soon. I would like to see some sort of web site to serve as an online addendum to the book, which could contain errata, new information, perhaps a wiki, etc. Many books, especially dealing with technical topics, have such sites already and they serve to add further value.

One Nation, Under Surveillance should be on the bookshelf of anyone serious about privacy, both online and offline. If you aren’t sure, but you think you might need some privacy in the future, you should use it to get started now. By the time you’re sure you need privacy, it may be too late.